Abstract: In this talk we will share experiences in building user-facing privacy tools at Google. We will walk you through the process and challenges of redesigning the Incognito mode in Chrome that many of you will be familiar with. We will debunk a few myths on how users allow and deny Android permissions. Finally, we
Abstract: Blockchains have received considerable attention both in academia and industry. Much of this work has focused on how to improve blockchains themselves either in terms of performance, features, or theoretical underpinnings. This talk will focus on a different question: what can blockchains do for computer security and cryptography? It will cover blockchains as a
Abstract: While showing great promise, Bitcoin requires users to wait tens of minutes for transactions to commit, and even then, offering only probabilistic guarantees. In this talk we are going to address the challenges of scaling decentralised payment systems. The first part of the talk introduces ByzCoin, a novel Byzantine consensus protocol that leverages scalable collective signing
Abstract: Despite their usage of pseudonyms rather than persistent identifiers, most existing cryptocurrenciesdo not provide users with any meaningful levels of privacy. This has prompted the creation of privacy enhancedcryptocurrencies such as Monero and Zcash, which are specifically designed to counteract thetracking analysis possible in currencies like Bitcoin. These cryptocurrencies, however, also suffer fromsome drawbacks:
Abstract: Since the initial invention of differential privacy in 2005, the academic community has proposed a large number of variants of the original definition. What are the motivations behind these variants? Which one should you use in each context? In this talk, I’ll present ongoing research towards systematizing this body of research, propose a classification
Abstract: In order to support its fast growing business Zalando applies Radical Agility, a software development methodology that allows engineers to get work done while management gets out of the way. It’s based on three pillars: Autonomy, Mastery, and Purpose, all held together and bound by organisational trust. While this enables our engineers to build
Abstract: Frequent headline-grabbing data breaches suggest that current best practices for safeguarding personal data are woefully inadequate. To try to move beyond the cycle of attacks and patches we see today, my group designs and builds systems with formal end-to-end guarantees. For example, to provide strong guarantees for outsourced computations, my colleagues and I developed
Abstract: Independent reviews of effectiveness of cyber controls and capabilities to respond to cyber events are fundamental components in the overall cyber security strategy for an organization. This session aims to propose participants with insights on Cyber Assurance Testing methodologies including Red Team Testing, Education and Awareness Testing and Cyber Assurance exercises.
Abstract: Swiss Post is a diversified Group that operates in four markets. Its three subsidiaries Post CH Ltd, PostFinance Ltd and PostBus Ltd provide high-quality, marketable and innovative services, and make every effort to satisfy the high expectations of their customers. Swiss Post constantly develops new solutions at the interface between the physical and digital
Abstract: The SPARK open source technology developed and commercialized by AdaCore (since 2008) and Altran (since 1987) is both a programming language and formal program verification toolset aimed at the highest levels of software assurance. In this presentation, we will give an overview of the SPARK Ada language and SPARK proof technology, focusing on its